Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant

The Iranian threat actor tracked as APT34 has been linked to a new phishing attack that leads to the deployment of a variant of a backdoor called SideTwist. “APT34 has a high level of attack technology, can design different intrusion methods for different types of targets, and has supply chain attack capability,” NSFOCUS Security Labs said in a report published last week. APT34, also known by

The Hacker News
#vulnerability#web#mac#microsoft#c++#backdoor#The Hacker News
9 Alarming Vulnerabilities Uncovered in SEL's Power Management Products

Nine security flaws have been disclosed in electric power management products made by Schweitzer Engineering Laboratories (SEL). “The most severe of those nine vulnerabilities would allow a threat actor to facilitate remote code execution (RCE) on an engineering workstation,” Nozomi Networks said in a report published last week. The issues, tracked as CVE-2023-34392 and from CVE-2023-31168

AtlasVPN Linux Client 1.0.3 IP Leak

Remote disconnect exploit for AtlasVPN Linux client version 1.0.3 that will allow a remote website to extract a client's real IP address.

Researchers Warn of Cyber Weapons Used by Lazarus Group's Andariel Cluster

The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. “One characteristic of the attacks identified in 2023 is that there are numerous malware strains developed in the Go language,” the AhnLab Security Emergency Response Center (ASEC) said in a deep dive

Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers

An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve unauthorized code execution on affected servers. Cybersecurity and incident response firm Security Joes said the intrusion leveraged a publicly available exploit chain to backdoor the MinIO instance. The comprises CVE-2023-28432 (CVSS score: 7.5) and

Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.

A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim to conduct identity theft and financial fraud. “The Chinese-speaking threat actors behind this campaign are operating a package-tracking text scam sent via iMessage to collect personally identifying information (PII) and payment credentials from victims, in the

PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability

Proof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for Networks (formerly vRealize Network Insight). The flaw, tracked as CVE-2023-34039, is rated 9.8 out of a maximum of 10 for severity and has been described as a case of authentication bypass due to a lack of unique cryptographic key generation. “A

Hackers Exploit Adobe ColdFusion Vulnerabilities to Deploy Malware

By Habiba Rashid The cybersecurity researchers at FortiGuard Labs have identified several Adobe ColdFusion vulnerabilities impacting Windows and Mac devices. This is a post from HackRead.com Read the original post: Hackers Exploit Adobe ColdFusion Vulnerabilities to Deploy Malware

North Korean Hackers Deploy New Malicious Python Packages in PyPI Repository

Three additional malicious Python packages have been discovered in the Package Index (PyPI) repository as part of an ongoing malicious software supply chain campaign called VMConnect, with signs pointing to the involvement of North Korean state-sponsored threat actors. The findings come from ReversingLabs, which detected the packages tablediter, request-plus, and requestspro. First disclosed at

Earth Estries' Espionage Campaign Targets Governments and Tech Titans Across Continents

A hacking outfit nicknamed Earth Estries has been attributed to a new, ongoing cyber espionage campaign targeting government and technology industries based in the Philippines, Taiwan, Malaysia, South Africa, Germany, and the U.S. "The threat actors behind Earth Estries are working with high-level resources and functioning with sophisticated skills and experience in cyber espionage and illicit